Apache
directory listing is provided by the AutoIndex
module. If enabled, Apache
will show the list of files and folders if no DirectoryIndex
files are present in a particular path or folder.
Example of common DirectoryIndex
files are index.html
, index.htm
, index.php
and welcome.html
, configurable in Apache
configuration file.
It's a handy feature for sure but you might want to disable directory listing for security or any other other reasons.
You can prevent directory listing for Apache
by disabling mod_autoindex
altogether, set appropriate options in Apache
configuration file or by using htaccess
file.
Methods to disable directory listing in Apache:
If you're hosting on platforms such as cPanel
, you can use platform-specific methods to disable Apache
's directory listing.
The easiest way is probably to disable the autoindex
module entirely and disabling the module would affect all the sites hosted on the server.
autoindex
module for Apache
. $ sudo a2dismod --force autoindex # Ubuntu, Debian and SUSE Module autoindex disabled. To activate the new configuration, you need to run: systemctl restart apache2
a2dismod
support can simply run the command above without having to manually disable the required modules.LoadModule
directive for the corresponding autoindex
module need to be manually disabled by removing or commenting (by adding #
at the beginning) the line in the configuration file.Options | Debian, Ubuntu | openSUSE and SLES | Fedora Core, CentOS, RHEL | macOS | homebrew | xampp |
---|---|---|---|---|---|---|
a2dismod support | yes | yes | no | no | no | no |
Modules to uninstall | none | |||||
Module name | n/a | autoindex | ||||
Loadmodule directive | n/a | #LoadModule autoindex_module <module_locations>/mod_autoindex.so |
You can add -Indexes
to Options
directive in Apache
's configuration file to fully disable directory listing, or add the same -Indexes
option into Directory
configuration to disable the feature per-directory.
Apache
's configuration file using your preferred text editor. $ sudo vi /etc/apache2/other/mysite.conf
The configuration could be set globally or from within VirtualHost
configuration.
-Indexes
to Options
directive for required directory. <Directory /var/www/mysite> Options -Indexes </Directory>
Notice that it's -Indexes
and not +Indexes
If you don't have administrator access to the system or just want to easily manage directory listing on per-directory basis, you can use the above Options -Indexes
directive in htaccess
files.
htaccess
file on the directory that you want to disable listing using your preferred text editor. $ sudo vi /var/www/mysite/.htaccess
-Indexes
to Options
directive in the htaccess
file. Options -Indexes
Guide compatibility:
Operating System |
---|
Ubuntu 16.04 LTS (Xenial Xerus) |
Ubuntu 16.10 (Yakkety Yak) |
Ubuntu 17.04 (Zesty Zapus) |
Ubuntu 17.10 (Artful Aardvark) |
Ubuntu 18.04 LTS (Bionic Beaver) |
Ubuntu 18.10 (Cosmic Cuttlefish) |
Ubuntu 19.04 (Disco Dingo) |
Comment anonymously. Login not required.